The Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations apply to individuals and organizations meeting the HIPAA definition of “Covered Entities.” These covered entities include group health plans, health care providers who conduct certain transactions electronically — including but not limited to transmissions of health care claims — health care payments, enrollment in a health plan and referral authorizations and health care clearinghouses. Although UNE does not primarily or solely engage in any of these activities, some units within the University perform functions that bring them within the definition of a covered entity under HIPAA.

UNE performs both non-covered and covered entity functions to carry out its educational mission by providing health care in different contexts. HIPAA allows an entity that engages in limited HIPAA covered functions, to designate itself as a hybrid entity. A hybrid entity is a single legal entity that performs both covered entity functions and non-covered entity functions. The HIPAA regulations and requirements only apply to the covered entity components.

UNE declares itself a hybrid entity and has designated the following UNE units as Covered Entity Components:

View the UNE Notice of Privacy Practice and HIPAA Policies and Procedures Manual.


Bernice A. Mills, RDH, M.S.
UNE HIPAA privacy officer and assistant dean of student and clinical affairs
(207) 221-4314

Laura Cutter
HIPAA Compliance Coordinator

This website uses cookies to understand how you use the website and to improve your experience. By continuing to use the website, you accept the University of New England’s use of cookies and similar technologies. To learn more about our use of cookies and how to manage your browser cookie settings, please review our Privacy Notice.